package com.zust.ysc.config;

import io.micrometer.core.instrument.util.StringUtils;
import org.springframework.context.annotation.Configuration;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * @Description 利用Cors原理，实现跨域
 * @Author Github: MatoYing
 * @Date 01/03/2023 3:40 pm
 */

@Configuration
public class CorsFilterConfig implements Filter {
   @Override
   public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
      HttpServletResponse response = (HttpServletResponse) res;
      HttpServletRequest request = (HttpServletRequest) req;

      // 不使用*，自动适配跨域域名，避免携带Cookie时失效
      String origin = request.getHeader("Origin");
      if(StringUtils.isNotBlank(origin)) {
         response.setHeader("Access-Control-Allow-Origin", origin);
      }

      // 自适应所有自定义头
      String headers = request.getHeader("Access-Control-Request-Headers");
      if(StringUtils.isNotBlank(headers)) {
         response.setHeader("Access-Control-Allow-Headers", headers);
         response.setHeader("Access-Control-Expose-Headers", headers);
      }

      // 允许跨域的请求方法类型
      response.setHeader("Access-Control-Allow-Methods", "*");
      // 预检命令（OPTIONS）缓存时间，单位：秒
      response.setHeader("Access-Control-Max-Age", "3600");
      // 明确许可客户端发送Cookie，不允许删除字段即可
      response.setHeader("Access-Control-Allow-Credentials", "true");

      chain.doFilter(request, response);
   }

   @Override
   public void init(FilterConfig filterConfig) {

   }

   @Override
   public void destroy() {

   }

    /*
    注册过滤器：
    @Bean
    public FilterRegistrationBean registerFilter() {
        FilterRegistrationBean<CorsFilter> bean = new FilterRegistrationBean<>();
        bean.addUrlPatterns("/*");
        bean.setFilter(new CorsFilter());
        // 过滤顺序，从小到大依次过滤
        bean.setOrder(Ordered.HIGHEST_PRECEDENCE);

        return bean;
    }
    */
}
